Apple recently published a technical note explaining how to enable the adaptive firewall in OS X Server. This is a type of firewall that automatically creates temporary rules according to certain events. For example, a number of failed login attempts will cause the adaptive firewall to create a temporary rule to block the IP address attempting to log in.
To do this, run the following commands as an administrative user:
sudo pfctl -f /etc/pf.conf sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/serverctl enable service=com.apple.afctl sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f
sudo defaults write /System/Library/LaunchDaemons/com.apple.pfctl ProgramArguments '(pfctl, -f, /etc/pf.conf, -e)' sudo chmod 644 /System/Library/LaunchDaemons/com.apple.pfctl.plist sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.pfctl.plist
Mac OS X Hints
http://hints.macworld.com/article.php?story=20121011004626997